Ubuntu Security Notice USN-6138-1

Ubuntu Security Notice 6138-1 - Philip Turnbull discovered that libssh incorrectly handled rekeying with algorithm guessing. A remote attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code. Kevin Backhouse discovered that libssh incorrectly handled verifying data signatures. A remote attacker could possibly use this issue to bypass authorization.

June 5^th 2023 at 17:34

Red Hat Security Advisory 2023-3304-01

Red Hat Security Advisory 2023-3304-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.1. Issues addressed include denial of service and traversal vulnerabilities.

June 5^th 2023 at 17:33

Debian Security Advisory 5418-1

Debian Linux Security Advisory 5418-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

June 5^th 2023 at 17:33

Ubuntu Security Notice USN-6137-1

Ubuntu Security Notice 6137-1 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code.

June 5^th 2023 at 17:33

Red Hat Security Advisory 2023-3379-01

Red Hat Security Advisory 2023-3379-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes security fixes. This release of RHACS includes a fix for CVE-2023-24540 by building RHACS with updated Golang.

June 5^th 2023 at 17:32

Red Hat Security Advisory 2023-3305-02

Red Hat Security Advisory 2023-3305-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.1.

June 5^th 2023 at 17:30

Ubuntu Security Notice USN-6135-1

Ubuntu Security Notice 6135-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

June 5^th 2023 at 17:30

Red Hat Security Advisory 2023-3309-01

Red Hat Security Advisory 2023-3309-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.42. Issues addressed include a denial of service vulnerability.

June 5^th 2023 at 17:27

Red Hat Security Advisory 2023-3303-01

Red Hat Security Advisory 2023-3303-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.1.

June 5^th 2023 at 17:24

Ubuntu Security Notice USN-6136-1

Ubuntu Security Notice 6136-1 - It was discovered that FRR incorrectly handled parsing certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. This issue only affected Ubuntu 23.04. It was discovered that FRR incorrectly handled parsing certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service.

June 5^th 2023 at 17:22

Red Hat Security Advisory 2023-3287-01

Red Hat Security Advisory 2023-3287-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.19. Issues addressed include a denial of service vulnerability.

June 5^th 2023 at 17:22

Red Hat Security Advisory 2023-3361-01

Red Hat Security Advisory 2023-3361-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

June 5^th 2023 at 17:20

Red Hat Security Advisory 2023-3351-01

Red Hat Security Advisory 2023-3351-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

June 5^th 2023 at 17:20

Red Hat Security Advisory 2023-3349-01

Red Hat Security Advisory 2023-3349-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

June 5^th 2023 at 17:19

Red Hat Security Advisory 2023-3350-01

Red Hat Security Advisory 2023-3350-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.

June 5^th 2023 at 17:18

Red Hat Security Advisory 2023-3360-01

Red Hat Security Advisory 2023-3360-01 - The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. "apr-util" is a library which provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more. Issues addressed include an out of bounds write vulnerability.

June 5^th 2023 at 17:17

Red Hat Security Advisory 2023-3380-01

Red Hat Security Advisory 2023-3380-01 - The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. apr-util is a library which provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more. Issues addressed include an out of bounds write vulnerability.

June 5^th 2023 at 17:12

Ubuntu Security Notice USN-6112-2

Ubuntu Security Notice 6112-2 - USN-6112-1 fixed vulnerabilities in Perl. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. It was discovered that Perl was not properly verifying TLS certificates when using CPAN together with HTTP::Tiny to download modules over HTTPS. If a remote attacker were able to intercept communications, this flaw could potentially be used to install altered modules.

June 5^th 2023 at 17:12

Red Hat Security Advisory 2023-3356-01

Red Hat Security Advisory 2023-3356-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.9 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.

June 5^th 2023 at 17:11

Red Hat Security Advisory 2023-3373-02

Red Hat Security Advisory 2023-3373-02 - Migration Toolkit for Runtimes 1.1.0 Images. Issues addressed include a denial of service vulnerability.

June 5^th 2023 at 17:04

Red Hat Security Advisory 2023-3353-01

Red Hat Security Advisory 2023-3353-01 - Multicluster Engine for Kubernetes 2.0.9 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

June 5^th 2023 at 17:04

Red Hat Security Advisory 2023-3382-01

Red Hat Security Advisory 2023-3382-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.

June 5^th 2023 at 17:02

Red Hat Security Advisory 2023-3374-01

Red Hat Security Advisory 2023-3374-01 - Migration Toolkit for Runtimes 1.1.0 ZIP artifacts. Issues addressed include a denial of service vulnerability.

June 5^th 2023 at 17:01

Ubuntu Security Notice USN-6134-1

Ubuntu Security Notice 6134-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

June 2^nd 2023 at 16:06

Ubuntu Security Notice USN-6133-1

Ubuntu Security Notice 6133-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information.

June 2^nd 2023 at 16:05

Ubuntu Security Notice USN-6128-1

Ubuntu Security Notice 6128-1 - It was discovered that CUPS incorrectly handled logging. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.

June 1^st 2023 at 14:52

Red Hat Security Advisory 2023-3415-01

Red Hat Security Advisory 2023-3415-01 - Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes security and bug fixes.

June 1^st 2023 at 14:48

Red Hat Security Advisory 2023-3408-01

Red Hat Security Advisory 2023-3408-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include double free and use-after-free vulnerabilities.

June 1^st 2023 at 14:43

Ubuntu Security Notice USN-6127-1

Ubuntu Security Notice 6127-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

June 1^st 2023 at 14:42

Red Hat Security Advisory 2023-3397-01

Red Hat Security Advisory 2023-3397-01 - QATzip is a user space library which builds on top of the Intel QuickAssist Technology user space library, to provide extended accelerated compression and decompression services by offloading the actual compression and decompression request to the Intel Chipset Series. Issues addressed include a privilege escalation vulnerability.

June 1^st 2023 at 14:39

Red Hat Security Advisory 2023-3403-01

Red Hat Security Advisory 2023-3403-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a denial of service vulnerability.

June 1^st 2023 at 14:34

Red Hat Security Advisory 2023-3387-01

Red Hat Security Advisory 2023-3387-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. Issues addressed include a cross site scripting vulnerability.

June 1^st 2023 at 14:31

Red Hat Security Advisory 2023-3394-01

Red Hat Security Advisory 2023-3394-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.

June 1^st 2023 at 14:29

Red Hat Security Advisory 2023-3388-01

Red Hat Security Advisory 2023-3388-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and use-after-free vulnerabilities.

June 1^st 2023 at 14:17

Ubuntu Security Notice USN-6125-1

Ubuntu Security Notice 6125-1 - It was discovered that the snap sandbox did not restrict the use of the ioctl system call with a TIOCLINUX request. This could be exploited by a malicious snap to inject commands into the controlling terminal which would then be executed outside of the snap sandbox once the snap had exited. This could allow an attacker to execute arbitrary commands outside of the confined snap sandbox. Note: graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console.

May 31^st 2023 at 16:31

Ubuntu Security Notice USN-6126-1

Ubuntu Security Notice 6126-1 - It was discovered that libvirt incorrectly handled the nwfilter driver. A local attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. It was discovered that libvirt incorrectly handled queries for the SR-IOV PCI device capabilities. A local attacker could possibly use this issue to cause libvirt to consume resources, leading to a denial of service.

May 31^st 2023 at 16:31

Debian Security Advisory 5417-1

Debian Linux Security Advisory 5417-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit.

May 31^st 2023 at 16:31

Ubuntu Security Notice USN-6123-1

Ubuntu Security Notice 6123-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service.

May 31^st 2023 at 16:30

Ubuntu Security Notice USN-6124-1

Ubuntu Security Notice 6124-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service.

May 31^st 2023 at 16:30

Ubuntu Security Notice USN-6117-1

Ubuntu Security Notice 6117-1 - It was discovered that Apache Batik incorrectly handled certain inputs. An attacker could possibly use this to perform a cross site request forgery attack. It was discovered that Apache Batik incorrectly handled Jar URLs in some situations. A remote attacker could use this issue to access files on the server. It was discovered that Apache Batik allowed running untrusted Java code from an SVG. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

May 31^st 2023 at 16:30

Ubuntu Security Notice USN-6122-1

Ubuntu Security Notice 6122-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service.

May 31^st 2023 at 16:29

Debian Security Advisory 5416-1

Debian Linux Security Advisory 5416-1 - It was discovered that there was a potential buffer overflow and denial of service vulnerability in the gdhcp client implementation of connman, a command-line network manager designed for use on embedded devices.

May 31^st 2023 at 16:29

Ubuntu Security Notice USN-6121-1

Ubuntu Security Notice 6121-1 - It was discovered that Nanopb incorrectly handled certain decode messages. An attacker could possibly use this cause a denial of service or expose sensitive information. It was discovered that Nanopb incorrectly handled certain decode messages. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

May 30^th 2023 at 17:08

Ubuntu Security Notice USN-6111-1

Ubuntu Security Notice 6111-1 - It was discovered that Flask incorrectly handled certain data responses. An attacker could possibly use this issue to expose sensitive information.

May 30^th 2023 at 17:07

Ubuntu Security Notice USN-6119-1

Ubuntu Security Notice 6119-1 - Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. Anton Romanov discovered that OpenSSL incorrectly handled AES-XTS cipher decryption on 64-bit ARM platforms. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04.

May 30^th 2023 at 17:07

Ubuntu Security Notice USN-6120-1

Ubuntu Security Notice 6120-1 - Several security issues were discovered in the SpiderMonkey JavaScript library. If a user were tricked into opening malicious JavaScript applications or processing malformed data, a remote attacker could exploit a variety of issues related to JavaScript security, including denial of service attacks, and arbitrary code execution.

May 30^th 2023 at 17:07

Advisory Files ≈ Packet Storm
Widevine Trustlet 5.x / 6.x / 7.x PRDiagParseAndStoreData Buffer Overflow
May 30^th 2023 at 16:49

Widevine Trustlet 5.x / 6.x / 7.x PRDiagParseAndStoreData Buffer Overflow

Widevine Trustlet versions 5.x, 6.x, and 7.x suffer from a buffer overflow vulnerability in PRDiagParseAndStoreData at 0x5cc8.

May 30^th 2023 at 16:49

Advisory Files ≈ Packet Storm
Widevine Trustlet 5.x / 6.x / 7.x PRDiagVerifyProvisioning Buffer Overflow
May 30^th 2023 at 16:47

Widevine Trustlet 5.x / 6.x / 7.x PRDiagVerifyProvisioning Buffer Overflow

Widevine Trustlet versions 5.x, 6.x, and 7.x suffer from a buffer overflow vulnerability in PRDiagVerifyProvisioning at 0x5f90.

May 30^th 2023 at 16:47

Advisory Files ≈ Packet Storm
Widevine Trustlet 5.x drm_verify_keys Buffer Overflow
May 30^th 2023 at 16:45

Widevine Trustlet 5.x drm_verify_keys Buffer Overflow

Widevine Trustlet versions 5.x suffer from a buffer overflow vulnerability in drm_verify_keys at 0x7370.

May 30^th 2023 at 16:45

Advisory Files ≈ Packet Storm
Widevine Trustlet 5.x drm_verify_keys Buffer Overflow
May 30^th 2023 at 16:43

Widevine Trustlet 5.x drm_verify_keys Buffer Overflow

Widevine Trustlet versions 5.x suffer from a buffer overflow vulnerability in drm_verify_keys at 0x730c.

May 30^th 2023 at 16:43

Advisory Files ≈ Packet Storm
Widevine Trustlet 5.x drm_save_keys Buffer Overflow
May 30^th 2023 at 16:41

Widevine Trustlet 5.x drm_save_keys Buffer Overflow

Widevine Trustlet versions 5.x suffer from a buffer overflow vulnerability in drm_save_keys at 0x6a18.

May 30^th 2023 at 16:41

Advisory Files ≈ Packet Storm
Widevine Trustlet 5.x drm_save_keys Buffer Overflow
May 30^th 2023 at 16:36

Widevine Trustlet 5.x drm_save_keys Buffer Overflow

Widevine Trustlet versions 5.x suffer from a drm_save_keys related buffer overflow.

May 30^th 2023 at 16:36

Ubuntu Security Notice USN-6115-1

Ubuntu Security Notice 6115-1 - Max Chernoff discovered that LuaTeX did not properly disable shell escape. An attacker could possibly use this issue to execute arbitrary shell commands.

May 30^th 2023 at 16:34

Ubuntu Security Notice USN-6118-1

Widevine Trustlet versions 5.x suffer from a buffer overflow vulnerability in drm_save_keys at 0x69b0.

May 30^th 2023 at 16:34

Ubuntu Security Notice USN-6113-1

Ubuntu Security Notice 6113-1 - It was discovered that Jhead did not properly handle certain crafted images while processing the Exif markers. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service.

May 30^th 2023 at 16:33

Ubuntu Security Notice USN-6114-1

Ubuntu Security Notice 6114-1 - Yeting Li discovered that nth-check incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

May 30^th 2023 at 16:33

Ubuntu Security Notice USN-6116-1

Ubuntu Security Notice 6116-1 - It was discovered that hawk incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

May 30^th 2023 at 16:33

Advisory Files ≈ Packet Storm
Gentoo Linux Security Advisory 202305-33
May 30^th 2023 at 16:32

Gentoo Linux Security Advisory 202305-33

Gentoo Linux Security Advisory 202305-33 - Multiple vulnerabilities have been found in OpenImageIO, the worst of which could result in arbitrary code execution. Versions greater than or equal to 2.4.6.0 are affected.

May 30^th 2023 at 16:32

Apple Security Advisory 2023-05-18-2

Apple Security Advisory 2023-05-18-2 - iOS 15.7.6 and iPadOS 15.7.6 addresses buffer overflow, bypass, code execution, out of bounds read, and use-after-free vulnerabilities.

May 30^th 2023 at 16:32

Advisory Files ≈ Packet Storm
Gentoo Linux Security Advisory 202305-34
May 30^th 2023 at 16:32

Gentoo Linux Security Advisory 202305-34

Gentoo Linux Security Advisory 202305-34 - Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution. Versions greater than or equal to 5.4.1 are affected.

May 30^th 2023 at 16:32